High-Tech Santé Médecine Droit-Finances

Auto-Entrepreneur

Comment faire ?

Rechercher : dans
Par :

Ordinateur extrêmement lent...

Dernière réponse le 1 mai 2009 à 11:48:37 toki127, le 29 avr 2009 à 10:38:16 
 Signaler ce message aux modérateurs

Bonjour à tous,
voilà ce qui m'amène ici aujourd'hui:
mon ordinateur devient extrêmement lent...
il lui faut au moins 5 minutes au démarrage... sans parler des longues minutes avant que l'explorateur ou le navigateur se lance!
J'ai fait un gros ménage sur le disque dur, et il y a maintenant pas mal de place libre.
Je me demande s'il n'est pas infecté, car l'ordinateur se met des fois à "pédaler" alors que je ne lui demande rien du tout!
Je précise que cet ordinateur n'est pas de première jeunesse, mais que je ne lui demande pas grand chose de plus qu'avant!
Merci d'avance pour votre aide!!!
Bonne journée

Configuration: Windows XP
Firefox 3.0.10

Posez votre question Répondre

1

geoffrey5, le 29 avr 2009 à 10:44:03

Bonjour,

Fais un rapport hijackthis pour que je puisse vérifier les infections de ton PC stp

▶ Télécharge hijackthis

▶ Tout est expliqué sur mon site web pour l'installer et l'utiliser correctement.

▶ Poste le rapport obtenu dans le bloc note dans ta prochaine réponse.


Comment copier/coller le rapport :


▶ Quand tu as le rapport à l écran, tu fais ctrl A pour "sélectionner tout" puis ctrl C pour "copier".

▶ ensuite tu viens sur le forum pour me répondre et tu fais ctrl V pour "coller" le rapport. Si vous voyez une amélioration sur votre PC, ce n'est pas pour autant que la désinfection est terminée... Continuez jusqu'au bout !!

   
Répondre à geoffrey5

2

toki127, le 29 avr 2009 à 10:53:24

Merci de ton aide!

voilà le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:52:29, on 29/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 87.98.163.29 www.ht-fff.org
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {40205287-E793-41AC-B95C-D8D064BA33CA} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game18.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f006.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: bw+0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: offline-8876480 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bacdri2sn - AVG Technologies CZ, s.r.o. - (no file)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
End of file - 23363 bytes

   
Répondre à toki127

5

toki127, le 29 avr 2009 à 11:18:53

Voilà le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:52:29, on 29/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 87.98.163.29 www.ht-fff.org
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {40205287-E793-41AC-B95C-D8D064BA33CA} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game18.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f006.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: bw+0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: offline-8876480 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bacdri2sn - AVG Technologies CZ, s.r.o. - (no file)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
End of file - 23363 bytes

Merci! :)

   
Répondre à toki127

6

geoffrey5, le 29 avr 2009 à 11:33:54

▶ Télécharge Random's System Information Tool (RSIT).

▶ Un tutoriel sera à ta disposition sur mon site web pour l'installer et l'utiliser correctement.

▶ Double clique sur RSIT.exe pour lancer l'outil.

▶ Clique sur 'Continue' à l'écran Disclaimer.

▶ Si l'outil Hijackthis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports.

( C:\RSIT\log.txt et C:\RSIT\info.txt )

CTRL A pour sélectionner tout, CTRL C pour copier et puis CTRL V pour coller Si vous voyez une amélioration sur votre PC, ce n'est pas pour autant que la désinfection est terminée... Continuez jusqu'au bout !!

   
Répondre à geoffrey5

7

toki127, le 29 avr 2009 à 11:44:00

Alors voila pour log.txt:
------------------------------------------------------------­------------------------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Marie at 2009-04-29 11:41:16
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 56 GB (36%) free of 154 GB
Total RAM: 511 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:41:32, on 29/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe
C:\Documents and Settings\Marie\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Marie.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 87.98.163.29 www.ht-fff.org
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {40205287-E793-41AC-B95C-D8D064BA33CA} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game18.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f006.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: bw+0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: offline-8876480 - {424E964C-6697-4FF9-B7CC-52DC46F16959} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bacdri2sn - AVG Technologies CZ, s.r.o. - (no file)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
End of file - 23536 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{259F616C-A300-44F5-B04A-ED001A26C85C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-11-22 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-01-27 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40205287-E793-41AC-B95C-D8D064BA33CA}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-01-27 1968920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-01-27 1968920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-01-27 1601304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-04-06 401040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2003-05-23 88363]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-10-09 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IW_Drop_Icon]
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe [2004-04-20 1122816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kmggm]
c:\windows\system32\kmggm.exe kmggm []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2003-12-16 188416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2003-12-16 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
C:\WINDOWS\system32\PSDrvCheck.exe [2003-11-10 406016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2007-04-09 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-22 185872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME\TomTomHOME.exe [2008-02-14 3977128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Utilitaires\WinAmp 5.01\Winamp 5.01 Pro\Winamp\winampa.exe [2008-08-04 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2005-02-08 450560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Wireless Configuration Utility HW.32.lnk]
C:\WINDOWS\INSTAL~1\{BDC88~1\NEWSHO~1.EXE [2005-10-03 40960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-01-27 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Utilitaires\Emule\Emule\emule.exe"="C:\Utilitaires\Emule\Emule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Jeux\AgeOfEmpires-TheAgeOfKings\age2_x1.exe"="c:\documents and settings\all users\documents\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Program Files\MSN Gaming Zone\zclient.exe"="C:\Program Files\MSN Gaming Zone\zclient.exe:*:Enabled:Zone Datafile"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="c:\documents and settings\all users\documents\speed2.exe:*:Enabled:speed2"
"C:\Program Files\Valve\Steam\Steam.exe"="C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Valve\Steam\SteamApps\toki127\counter-strike source\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\toki127\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\Utilitaires\WinAmp 5.01\Winamp 5.01 Pro\Winamp\winamp.exe"="C:\Utilitaires\WinAmp 5.01\Winamp 5.01 Pro\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Valve\Steam\SteamApps\toki127\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\toki127\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Update"
"C:\Program Files\Grisoft\AVG Free\avginet.exe"="C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG Free\avgcc.exe"="C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\Grisoft\AVG Free\avgamsvr.exe"="C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Freeplayer\vlc\vlc.exe"="C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\utorrent\utorrent.exe"="C:\Program Files\utorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\HomePlayer1.5.0.2\HomePlayer.exe"="C:\Program Files\HomePlayer1.5.0.2\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Easy Card\easy card.exe"="C:\Program Files\Easy Card\easy card.exe:*:Enabled:Easy Card v3.1.0.188, the easiest and connected greetings card creator."
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre1.6.0_07\bin\java.exe"="C:\Program Files\Java\jre1.6.0_07\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\HomePlayer\VLC\vlc.exe"="C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{468cfe68-d516-11dd-a061-005070c908aa}]
shell\AutoRun\command - m9ma.exe
shell\explore\command - m9ma.exe
shell\open\command - m9ma.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{545b5b11-7950-11da-b024-806d6172696f}]
shell\AutoRun\command - F:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5bce9d6c-b77b-11da-9a2a-0090d0d39eb3}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{70f2487c-c955-11dd-a04b-005070c908aa}]
shell\AutoRun\command - O:\InstallTomTomHOME.exe


======File associations======

.js - open -

======List of files/folders created in the last 1 months======

2009-04-29 11:41:16 ----D---- C:\rsit
2009-04-29 11:08:19 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2009-04-29 10:48:58 ----D---- C:\Program Files\Trend Micro
2009-04-29 10:46:06 ----SHD---- C:\Config.Msi
2009-04-15 03:10:58 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-15 03:10:48 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-15 03:04:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 03:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-15 03:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 03:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-03-31 18:47:04 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-31 18:47:04 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-31 18:47:04 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 1 months======

2009-04-29 11:41:25 ----D---- C:\WINDOWS\Prefetch
2009-04-29 11:08:46 ----SHD---- C:\WINDOWS\Installer
2009-04-29 11:08:45 ----D---- C:\Program Files\Adobe
2009-04-29 11:08:44 ----D---- C:\WINDOWS\Temp
2009-04-29 11:08:23 ----D---- C:\Documents and Settings\Marie\Application Data\Adobe
2009-04-29 11:08:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-04-29 11:08:19 ----D---- C:\Program Files\Fichiers communs
2009-04-29 11:07:00 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-04-29 11:02:44 ----D---- C:\WINDOWS\system32
2009-04-29 10:48:58 ----D---- C:\Program Files
2009-04-29 10:46:29 ----D---- C:\WINDOWS
2009-04-29 10:31:04 ----D---- C:\Program Files\Mozilla Firefox
2009-04-29 10:29:52 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-29 10:26:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-29 10:26:06 ----D---- C:\WINDOWS\system32\drivers
2009-04-29 10:23:47 ----D---- C:\Documents and Settings\Marie\Application Data\Macromedia
2009-04-29 07:41:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-29 07:08:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-28 08:19:39 ----D---- C:\Documents and Settings\Marie\Application Data\Skype
2009-04-27 12:15:19 ----HD---- C:\$AVG8.VAULT$
2009-04-26 17:26:13 ----D---- C:\Documents and Settings\Marie\Application Data\skypePM
2009-04-26 16:10:59 ----D---- C:\WINDOWS\Minidump
2009-04-15 03:17:52 ----D---- C:\WINDOWS\system32\wbem
2009-04-15 03:17:52 ----D---- C:\WINDOWS\AppPatch
2009-04-15 03:11:03 ----HD---- C:\WINDOWS\inf
2009-04-15 03:11:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-15 03:10:53 ----A---- C:\WINDOWS\imsins.BAK
2009-04-15 03:10:12 ----D---- C:\WINDOWS\system32\fr-fr
2009-04-15 03:10:12 ----D---- C:\Program Files\Internet Explorer
2009-04-15 03:04:24 ----HD---- C:\WINDOWS\$hf_mig$
2009-04-15 03:02:57 ----D---- C:\Program Files\Microsoft ActiveSync
2009-04-11 12:22:06 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-04-06 16:57:24 ----A---- C:\WINDOWS\system32\MRT.exe
2009-03-31 18:47:00 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [2002-07-17 16877]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-01-27 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-01-27 27656]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-01-27 107272]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2000-02-03 24608]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-04-08 54272]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-04-09 31548]
R1 vobcom;vobcom; C:\WINDOWS\system32\drivers\vobcom.sys [2001-10-04 9728]
R1 vobiw;vobiw; C:\WINDOWS\system32\drivers\vobiw.sys [2004-02-20 187392]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-03-08 278728]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-03-08 25416]
R2 litsgt;litsgt; C:\WINDOWS\system32\DRIVERS\litsgt.sys [2005-09-01 137344]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-08-30 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-08-30 55936]
R2 tansgt;tansgt; C:\WINDOWS\system32\DRIVERS\tansgt.sys [2005-09-01 12032]
R3 AgereSoftModem;Creative Modem Blaster DI5733; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-05-23 1171648]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2003-11-28 11264]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 cdrdrv;Cdrdrv; C:\WINDOWS\System32\Drivers\Cdrdrv.sys [2004-02-03 62976]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-12-12 784832]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 hidfltr;HID Filter Driver; C:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 13332]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\System32\DRIVERS\alcan5wn.sys [2003-09-05 53600]
S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [2003-09-05 70624]
S3 Bridge;Pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dbustrcm;dbustrcm; C:\WINDOWS\system32\drivers\dbustrcm.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-30 223128]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys [2004-03-11 14448]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys []
S3 QCMerced;Logitech QuickCam Messenger; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2003-06-27 472332]
S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-29 167424]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-01-27 903960]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-01-27 298264]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-02-21 54784]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2000-06-29 52224]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2007-12-30 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2007-12-30 103736]
R2 SiSWLSvc;SiS WirelessLan Service; C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe [2004-12-31 45056]
R2 UxTuneUp;Extension de conception TuneUp; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe []
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------

   
Répondre à toki127

8

toki127, le 29 avr 2009 à 11:45:09

Et voilà pour info.txt:

------------------------------------------------------------­------------
info.txt logfile of random's system information tool 1.06 2009-04-29 11:41:40

======Uninstall list======

-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C1B8CBC-9118-11D7-86D3-00055DF3561E}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent 1.6.1 (Build 490)-->C:\Program Files\utorrent\Uninstal.exe
802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{BDC88E5A-F47B-4314-AB38-994592E32C95}
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Assistant Publication de sites Web Microsoft 1.53-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->MsiExec.exe /I{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Creative Modem Blaster DI5733-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1C0717C-546A-11D7-9963-00A0C92C4EC3}\setup.exe" -l0x40c /remove
dBpowerAMP Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
eMule-->"C:\Utilitaires\Emule\Emule\Uninstall.exe"
EPSON CardMonitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x40c -UnInstall
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst
EPSON PhotoStarter3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst
EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Smart Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\Setup.exe" -l0x40c Uninstall
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
ESPRX420 Guide de réf.-->C:\Program Files\EPSON\TPMANUAL\ESPRX420\REF_G\DOCUNINS.EXE
ESPRX420 Guide des logiciels-->C:\Program Files\EPSON\TPMANUAL\ESPRX420\PQU_G\DOCUNINS.EXE
FinePixViewer Ver.4.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe
FUJIFILM USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
Guitar Pro 5.0-->"C:\Program Files\Guitar Pro 5\unins000.exe"
Haali Media Splitter-->"C:\Program Files\Matroska Pack\haali\uninstall.exe"
Half-Life(R) 2-->MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HomePlayer 1.5.7c-->C:\Program Files\HomePlayer\uninst.exe
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
impact Universal Driver-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{28173CE5-FDC0-11D9-B098-009027EC0701}
iPAQ WebReg-->MsiExec.exe /I{D37C6152-89DF-4D29-83CF-666200D5F398}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java 2 Runtime Environment, SE v1.4.1_02-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFCE5837-FC21-11D6-9D24-00010240CE95}\setup.exe" Anytext
Java Web Start-->"C:\Program Files\Java Web Start\uninst-javaws.exe"
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Codec Pack 2.72 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD}\setup.exe" -l0x40c
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech QuickCam-->MsiExec.exe /I{A488D63E-B3DD-4423-892F-2F2EC8909518}
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuel de l'appareil Windows Mobile®-->C:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micro Application - Cartes d'Anniversaire-->C:\WINDOWS\unin040c.exe -fC:\WINDOWS\DeIsL4.isu
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mozilla Firefox (0.8.)-->C:\WINDOWS\UninstallFirefox.exe /ua "0.8. (fr)"
Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Gaming Zone-->C:\PROGRA~1\MSNGAM~1\zsetup.exe /Uninstall
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MySQL Connector/ODBC 3.51-->MsiExec.exe /I{0CB3C535-1171-4A20-B549-E2CB5DEB9723}
Nero 7 Ultra Edition-->MsiExec.exe /I{F14B8ECC-BDA0-4987-9201-D7B7DBE11036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}
Nokia Flashing Cable Driver-->MsiExec.exe /X{D99C322D-C21B-40C7-AE71-EE51AA096B6E}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_EA.exe /LANG="1036"
Nokia PC Suite-->MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
Nokia Software Updater-->MsiExec.exe /X{EF4F620F-F295-41D7-92C0-6B635709C850}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
Package de pilotes Windows - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
PC Connectivity Solution-->MsiExec.exe /I{066D65EA-ED53-44E4-A96A-F81B6E409D2E}
Pinnacle InstantCD/DVD Suite Update-->MsiExec.exe /X{AF91564A-878F-41DE-B284-CB313DC819E1}
Pinnacle InstantCD/DVD Suite-->MsiExec.exe /I{9CA74E7D-CA06-4A5C-9851-83D15B7B4D59}
Plug-in Tetris Livecom-->C:\PROGRA~1\LIVECO~1\Tetris\UNWISE.EXE C:\PROGRA~1\LIVECO~1\Tetris\INSTALL.LOG
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SafeCast Shared Components-->C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
SecurEngine 4.0-->C:\WINDOWS\uSecurEngine.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Sketch-->"C:\Program Files\AKVIS\Sketch\Uninstall\Uninstall.exe" "C:\Program Files\AKVIS\Sketch\Uninstall\install.log" -u
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SokkerViewer-->C:\Program Files\SokkerViewer\uninstall.exe
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SuDoku Quest-->C:\WINDOWS\unvise32.exe C:\Program Files\sudoku_quest\uninstal.log
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TomTom HOME-->C:\Program Files\InstallShield Installation Information\{CE325D55-FCAF-4273-BB79-069BB8747270}\setup.exe -runfromtemp -l0x040c -removeonly -removeonly
TuneUp Utilities 2006-->MsiExec.exe /I{868D7896-99D4-4513-BC62-2B3AD3E24926}
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
WebCopier-->C:\WINDOWS\iun506.exe C:\Julien\webcopier\WebCopier\irunin_4.0.ini
win32 online help-->"C:\WINDOWS\UNISTB32.EXE" /U "C:\Julien\Sources C\lcc\UNINST0.000" "C:\Julien\Sources C\lcc\UNINST1.000"
WinAce Archiver 2.0-->C:\Program Files\WinAce\SXUNINST.EXE C:\Program Files\WinAce\SXUNINST.INI
Winamp-->"C:\Utilitaires\WinAmp 5.01\Winamp 5.01 Pro\Winamp\UninstWA.exe"
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33E\pccswpddriver.inf
Windows Driver Package - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix - KB894476-->"C:\WINDOWS\$NtUninstallKB894476$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Hosts File======

87.98.163.29 www.ht-fff.org
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com

======Security center information======

AV: AVG Anti-Virus Free

======System event log======

Computer Name: SY4PUNF12
Event Code: 7036
Message: Le service Ati HotKey Poller est entré dans l'état : arrêté.

Record Number: 117196
Source Name: Service Control Manager
Time Written: 20090402072409.000000+120
Event Type: Informations
User:

Computer Name: SY4PUNF12
Event Code: 26
Message: Application popup : Windows - Mémoire virtuelle minimale insuffisante : Votre système manque de mémoire virtuelle. Windows augmente la taille de votre fichier de pagination de mémoire virtuelle. Durant cette opération, des demandes de mémoire pour certaines applications pourront être refusées. Pour plus d'informations, consultez l'Aide.

Record Number: 117195
Source Name: Application Popup
Time Written: 20090401224906.000000+120
Event Type: Informations
User:

Computer Name: SY4PUNF12
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 117194
Source Name: Tcpip
Time Written: 20090401202400.000000+120
Event Type: Avertissement
User:

Computer Name: SY4PUNF12
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : arrêté.

Record Number: 117193
Source Name: Service Control Manager
Time Written: 20090401180521.000000+120
Event Type: Informations
User:

Computer Name: SY4PUNF12
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.

Record Number: 117192
Source Name: Service Control Manager
Time Written: 20090401180521.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: SY4PUNF12
Event Code: 102
Message: msnmsgr (2876) \\.\C:\Documents and Settings\Marie\Local Settings\Application Data\Microsoft\Messenger\justemil@live.fr\SharingMetadata\Working\database_9EAC_A807_ACA7_D7D3\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 24178
Source Name: ESENT
Time Written: 20090218165616.000000+060
Event Type: Informations
User:

Computer Name: SY4PUNF12
Event Code: 100
Message: msnmsgr (2876) Le moteur de base de données 5.01.2600.5512 est démarré.

Record Number: 24177
Source Name: ESENT
Time Written: 20090218165616.000000+060
Event Type: Informations
User:

Computer Name: SY4PUNF12
Event Code: 101
Message: msnmsgr (2876) Le moteur de base de données est arrêté.

Record Number: 24176
Source Name: ESENT
Time Written: 20090218165610.000000+060
Event Type: Informations
User:

Computer Name: SY4PUNF12
Event Code: 103
Message: msnmsgr (2876) \\.\C:\Documents and Settings\Marie\Local Settings\Application Data\Microsoft\Messenger\marie.mignard@hotmail.fr\SharingMetadata\Working\database_9EAC_A807_ACA7_D7D3\dfsr.db: Le moteur de base de données a arrêté une instance (0).

Record Number: 24175
Source Name: ESENT
Time Written: 20090218165610.000000+060
Event Type: Informations
User:

Computer Name: SY4PUNF12
Event Code: 102
Message: msnmsgr (2876) \\.\C:\Documents and Settings\Marie\Local Settings\Application Data\Microsoft\Messenger\marie.mignard@hotmail.fr\SharingMetadata\Working\database_9EAC_A807_ACA7_D7D3\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 24174
Source Name: ESENT
Time Written: 20090218165335.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0303
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

merci!

   
Répondre à toki127

9

geoffrey5, le 29 avr 2009 à 11:52:15

Tu as des infections qui se sont propagées par tes disques amovibles (clé usb, disques surs externes).

▶ Telecharge UsbFix de C_XX & Chiquitine29

▶ Lance l installation avec les parametres par default

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

▶ Double clic sur le raccourci UsbFix sur ton bureau

▶ Choisi l'option 1 (recherche)

▶ Laisse travailler l'outil

▶ Ensuite post le rapport UsbFix.txt qui apparaîtra

* Note : le rapport UsbFix.txt est sauvegardé a la racine du disque

* Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides

* Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus. Si vous voyez une amélioration sur votre PC, ce n'est pas pour autant que la désinfection est terminée... Continuez jusqu'au bout !!

   
Répondre à geoffrey5

10

toki127, le 29 avr 2009 à 11:59:51

Et voilà:


############################## [ UsbFix V3.014 ]

# User : Marie (Administrateurs) # SY4PUNF12
# Update on 27/04/09 by C_XX & Chiquitine29
# Start at: 11:56:40 | 29/04/2009

# Intel(R) Pentium(R) 4 CPU 3.00GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled
# AV : AVG Anti-Virus Free 8.0 [ Enabled | Updated ]

# C:\ # Disque fixe local # 150,22 Go (54,47 Go free) [Local] # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# G:\ # Disque CD-ROM
# H:\ # Disque CD-ROM
# I:\ # Disque CD-ROM
# J:\ # Disque amovible
# K:\ # Disque amovible
# L:\ # Disque amovible
# M:\ # Disque amovible
# N:\ # Disque amovible # 1,92 Go (1,01 Go free) [STORE N GO] # FAT
# O:\ # Disque amovible # 3,72 Go (1,63 Go free) [OPTIMA] # FAT32

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\PROGRA~1\Logitech\Video\AlbumDB2.exe
C:\PROGRA~1\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Registre # Startup ]

HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="http://www.orange.fr/"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"="Marie"
HKLM_logon: "AltDefaultUserName"="Marie"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: Cmaudio=RunDll32 cmicnfg.cpl,CMICtrlWnd
HKLM_Run: ATICCC="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
HKLM_Run: AVG8_TRAY=C:\PROGRA~1\AVG\AVG8\avgtray.exe
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: H/PC Connection Agent="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
HKCU_Run: MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background

################## [ Informations ]


################## [ Fichiers # Dossiers infectieux ]

Found ! C:\autorun.inf

################## [ Registre # Clés Run infectieuses ]


################## [ Registre # Mountpoints2 ]

HKCU\Software\Microsoft\....\MountPoints2\{468cfe68-d516-11dd-a061-005070c908aa}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{468cfe68-d516-11dd-a061-005070c908aa}\Shell\explore\Command
HKCU\Software\Microsoft\....\MountPoints2\{468cfe68-d516-11dd-a061-005070c908aa}\Shell\open\Command
HKCU\Software\Microsoft\....\MountPoints2\{545b5b11-7950-11da-b024-806d6172696f}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{5bce9d6c-b77b-11da-9a2a-0090d0d39eb3}\Shell\Auto\command
HKCU\Software\Microsoft\....\MountPoints2\{5bce9d6c-b77b-11da-9a2a-0090d0d39eb3}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{70f2487c-c955-11dd-a04b-005070c908aa}\Shell\AutoRun\command

################## [ ! Fin du rapport # UsbFix V3.014 ! ]

merci!

   
Répondre à toki127

11

geoffrey5, le 29 avr 2009 à 12:01:00

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

▶ Double clic sur le raccourci UsbFix présent sur ton bureau

▶ choisi l'option 2 ( Suppression )

▶ Ton bureau disparaîtra et le pc redémarrera .

▶ Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

▶ Ensuite post le rapport UsbFix.txt qui apparaîtra avec le bureau .

▶ Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) Si vous voyez une amélioration sur votre PC, ce n'est pas pour autant que la désinfection est terminée... Continuez jusqu'au bout !!

   
Répondre à geoffrey5

12

toki127, le 29 avr 2009 à 12:19:45

Voila!


############################## [ UsbFix V3.014 ]

# User : Marie (Administrateurs) # SY4PUNF12
# Update on 27/04/09 by C_XX & Chiquitine29
# Start at: 12:14:46 | 29/04/2009

# Intel(R) Pentium(R) 4 CPU 3.00GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled
# AV : AVG Anti-Virus Free 8.0 [ Enabled | Updated ]

# C:\ # Disque fixe local # 150,22 Go (54,47 Go free) [Local] # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# G:\ # Disque CD-ROM
# H:\ # Disque CD-ROM
# I:\ # Disque CD-ROM
# J:\ # Disque amovible
# K:\ # Disque amovible
# L:\ # Disque amovible
# M:\ # Disque amovible
# N:\ # Disque amovible # 1,92 Go (1,01 Go free) [STORE N GO] # FAT
# O:\ # Disque amovible # 3,72 Go (1,63 Go free) [OPTIMA] # FAT32

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\WgaTray.exe

################## [ Fichiers # Dossiers infectieux ]

Deleted ! C:\autorun.inf

################## [ Registre # Clés Run infectieuses ]


################## [ Registre # Mountpoints2 ]

Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{468cfe68-d516-11dd-a061-005070c908aa}\Shell\AutoRun\command
Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{468cfe68-d516-11dd-a061-005070c908aa}\Shell\explore\Command
Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{468cfe68-d516-11dd-a061-005070c908aa}\Shell\open\Command
Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{545b5b11-7950-11da-b024-806d6172696f}\Shell\AutoRun\command
Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{5bce9d6c-b77b-11da-9a2a-0090d0d39eb3}\Shell\Auto\command
Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{5bce9d6c-b77b-11da-9a2a-0090d0d39eb3}\Shell\AutoRun\command
Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{70f2487c-c955-11dd-a04b-005070c908aa}\Shell\AutoRun\command

################## [ Listing des fichiers présent ]

[03/11/2006 22:29|--a------|10358646] - C:\11_03_0.JPEG
[23/12/2004 14:23|--ah-----|18944] - C:\Account.exe
[02/12/2007 00:43|--a------|511850] - C:\adorage-protocol.txt
[09/07/2004 15:22|--a------|0] - C:\AILog.txt
[17/01/2004 10:57|--a------|0] - C:\AUTOEXEC.BAT
[30/11/2004 21:48|--a------|7150] - C:\avgun.log
[27/12/2007 10:00|-rahs----|216] - C:\boot.ini
[30/08/2002 14:00|-rahs----|4952] - C:\Bootfont.bin
[09/08/2008 17:18|--a------|394809] - C:\CECILE.GEB
[09/08/2008 17:25|--a------|251621] - C:\cecile.png
[07/05/2004 11:18|--a------|43] - C:\codecche.cel
[17/01/2004 10:57|--a------|0] - C:\CONFIG.SYS
[04/05/2004 21:00|--a------|406] - C:\debugInstaller.txt
[29/05/2004 03:07|--a------|4873476] - C:\divx.log
[29/05/2004 13:03|--a------|843] - C:\fairuse.log
[10/11/2006 17:53|--a------|6570] - C:\hattrick 10-11-06.txt
[?|?|?] - C:\hiberfil.sys
[15/08/2005 11:29|--a------|283] - C:\IComTracer.log
[17/01/2004 10:57|-rahs----|0] - C:\IO.SYS
[04/09/2004 20:26|--ah-----|956107] - C:\KAVITABC.DAT
[12/11/2007 11:44|--a------|65337444] - C:\Legend of Zelda - The Phantom Hourglass.nds
[04/02/2005 16:43|--a------|2785] - C:\LGSInst.Log
[26/12/2004 13:10|--a------|965] - C:\log.txt
[11/11/2004 12:26|--a------|183] - C:\LogiSetup.log
[30/11/2008 16:00|--a------|123866] - C:\Manoeuvre de Dix-hallpike.ivr
[30/11/2008 16:00|--a------|2674] - C:\Manoeuvre de Dix-hallpike.meta
[30/11/2008 16:06|--a------|111254] - C:\Manoeuvre de Semont.ivr
[30/11/2008 16:06|--a------|2658] - C:\Manoeuvre de Semont.meta
[17/01/2004 10:57|-rahs----|0] - C:\MSDOS.SYS
[15/10/2004 00:02|-rahs----|47564] - C:\NTDETECT.COM
[20/09/2008 20:34|-rahs----|252240] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[25/05/2007 21:56|--a------|4740] - C:\PERF.LOG
[23/12/2004 14:23|--ah-----|93696] - C:\RAS.exe
[23/12/2004 14:26|---h-----|98] - C:\raslog.ini
[23/12/2004 14:23|--a------|98] - C:\raslog.txt
[22/11/2008 14:29|--a------|357936] - C:\RealPlayer11GOLD_fr.exe
[14/06/2004 20:30|--a------|5399] - C:\resetlog.txt
[05/11/2006 16:30|--a------|5233] - C:\sokker.txt
[03/11/2006 22:29|--a------|791] - C:\twacker.log
[29/04/2009 12:16|--a------|5395] - C:\UsbFix.txt
[17/01/2004 10:57|--ahs----|1056] - C:\xjnjaw3o.sys
[04/01/2005 20:19|--a------|48738691] - C:\xscan.txt
[28/05/2005 11:08|--a------|0] - C:\________
[29/02/2008 14:16|--a------|5075112] - N:\CarryItEasy.exe
[15/02/2008 17:16|--a------|476957] - N:\Password Protection User Manual (CarryItEasy.exe).pdf
[08/10/2007 16:00|--a------|888087] - O:\Carry it Easy User Manual 2.12.pdf
[07/10/2008 11:54|--a------|5054632] - O:\CarryItEasy.exe
[16/01/2009 07:47|--a------|99328] - O:\CV2009.doc
[22/04/2009 14:25|--a------|1818624] - O:\comptes (version 1).xls
[11/11/2007 14:59|--a------|25600] - O:\Courrier impots Taxe habit garage 11-11-2007.doc
[07/06/2008 09:39|--a------|478208] - O:\suivi compte logement.xls

################## [ Vaccination ]

# C:\autorun.inf -> Folder created by UsbFix.
# N:\autorun.inf -> Folder created by UsbFix.
# O:\autorun.inf -> Folder created by UsbFix.

################## [ Cracks / Keygens / Serials ]

C:\Documents and Settings\All Users\Documents\Counter-Strike Condition Zero Crack Cd-Key Serial Patch.rar
C:\Documents and Settings\All Users\Documents\Counterstrike - Condition Zero - Keygen.exe
C:\Documents and Settings\All Users\Documents\Need For Speed Underground 2 Nocd Crack-Reloaded.rar
C:\Documents and Settings\All Users\Documents\need_for_speed_underground_2_patch_v1.1_francais_13356.exe

################## [ ! Fin du rapport # UsbFix V3.014 ! ]

   
Répondre à toki127

13

geoffrey5, le 29 avr 2009 à 12:22:28

Ok maintenant :

▶ Télécharge RAV Antivirus (d'Evosla)

▶ Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX

▶ Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau

▶ Doucle-clique sur >> RAV.exe << afin de lancer l'outil.

▶ Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles)

▶ Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .

▶ Retire tes disques amovibles et redémarrez votre ordinateur.

▶ Poste le rapport, si infection!


ensuite :


▶ Télécharge l'outil Flash_Disinfector de sUBs et enregistre le sur ton bureau

Sous XP : Double clique sur Flash_Disinfector.exe pour l'exécuter.

sous vista : Clic-droit sur Flash_Disinfector présent sur le bureau et choisis "Exécuter en tant qu'administrateur"

▶Quand le message : [Plug in yours flash drive & clic Ok to begin disinfection] apparaitra :

Connecte au pc, clé USB, DD externes, susceptibles d'avoir été infectés.

▶Puis clic sur Ok

▶Les icônes sur le bureau vont disparaître jusqu'à l'apparition du message: [Done!!]

▶Appuie ensuite sur OK, pour faire réapparaître le bureau. Si vous voyez une amélioration sur votre PC, ce n'est pas pour autant que la 
désinfection est terminée... Continuez jusqu'au bout !!

   
Répondre à geoffrey5

14

toki127, le 29 avr 2009 à 13:02:35

Voilà c'est fait!
Pas de log avec le premier outil, et j'ai bien eu le message [Done] avec le deuxième!
C'est fini?
Merci!

   
Répondre à toki127

15

geoffrey5, le 29 avr 2009 à 13:38:55

Ok... Non ce n'est pas terminé...

▶ Télécharge malwarebyte's anti-malware

▶ Un tutoriel sera à ta disposition pour l'installer et l'utiliser correctement.

▶ Fais la mise à jour du logiciel (elle se fait normalement à l'installation)

▶ Lance une analyse complète en cliquant sur "Exécuter un examen complet"

▶ Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"

▶ L'analyse peut durer un bon moment.....

▶ Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"

▶ Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"

▶ Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum


* Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée Si vous voyez une amélioration sur votre PC, ce n'est pas pour autant que la désinfection est terminée... Continuez jusqu'au bout !!

   
Répondre à geoffrey5

16

toki127, le 29 avr 2009 à 17:57:30

Et voila!

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2058
Windows 5.1.2600 Service Pack 3

29/04/2009 17:56:46
mbam-log-2009-04-29 (17-56-46).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 220079
Temps écoulé: 1 hour(s), 14 minute(s), 10 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\Pixie\RegTool.exe (Rogue.RegTool) -> Quarantined and deleted successfully.

   
Répondre à toki127

17

geoffrey5, le 29 avr 2009 à 19:19:15

▶ Télécharge Combofix de sUBs


▶ et enregistre le sur le Bureau.


▶ désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)


Voici le tutoriel officiel de Bleeping Computer pour savoir l utiliser :

http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


Je te conseille d'installer la console de récupération !!


ensuite envois le rapport stp Si vous voyez une amélioration sur votre PC, ce n'est pas pour autant que la désinfection est terminée... Continuez jusqu'au bout !!

   
Répondre à geoffrey5

18

toki127, le 29 avr 2009 à 20:35:47

Voila le nouveau rapport! :)

ComboFix 09-04-29.01 - Marie 29/04/2009 20:18.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.282 [GMT 2:00]
Lancé depuis: c:\documents and settings\Marie\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Internet Explorer\fxavx.ini
c:\windows\patch.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\rnaph.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_WINDOWS_LOG
-------\Service_NPF


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-28 au 2009-4-29 ))))))))))))))))))))))))))))))))))))
.

2009-04-29 11:48 . 2009-04-29 11:48 -------- d-sh--w c:\documents and settings\Marie\UserData
2009-04-29 09:54 . 2009-04-29 10:17 -------- d-----w C:\UsbFix
2009-04-29 09:41 . 2009-04-29 09:41 -------- d-----w C:\rsit
2009-04-29 09:08 . 2009-04-29 09:08 -------- d-----w c:\program files\Fichiers communs\Adobe AIR
2009-04-29 08:48 . 2009-04-29 08:48 -------- d-----w c:\program files\Trend Micro
2009-04-14 18:17 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.e­xe
2009-04-14 18:17 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-14 18:17 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.e­xe
2009-04-14 18:17 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-14 18:17 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.d­ll
2009-04-14 18:17 . 2009-02-09 10:53 685568 -c----w c:\windows\system32\dllcache\advapi32.d­ll
2009-04-14 18:17 . 2009-02-09 10:53 735744 -c----w c:\windows\system32\dllcache\lsasrv.dll­
2009-04-14 18:17 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.d­ll
2009-04-14 18:17 . 2009-02-09 10:53 739840 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-14 18:12 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dl­l
2009-04-14 18:12 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.ex­e

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-29 09:07 . 2004-01-17 09:40 -------- d-----w c:\program files\Fichiers communs\Adobe
2009-04-29 08:26 . 2009-01-17 12:54 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-29 08:23 . 2005-01-06 10:31 -------- d-----w c:\program files\Macromedia
2009-04-29 08:23 . 2004-01-17 09:20 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-29 08:23 . 2005-01-06 10:32 -------- d-----w c:\program files\Fichiers communs\Macromedia
2009-04-29 05:41 . 2004-01-17 09:49 77038 ----a-w c:\windows\system32\perfc00C.dat
2009-04-29 05:41 . 2004-01-17 09:49 474316 ----a-w c:\windows\system32\perfh00C.dat
2009-04-15 01:02 . 2005-12-02 20:33 -------- d-----w c:\program files\Microsoft ActiveSync
2009-04-06 13:32 . 2009-01-17 12:55 38496 ----a-w c:\windows\system32\drivers\mbamswissarm­y.sys
2009-04-06 13:32 . 2009-01-17 12:55 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-03-31 16:47 . 2004-04-27 21:16 -------- d-----w c:\program files\Java
2009-03-13 17:08 . 2009-03-13 17:08 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdc­mb_01007.Wdf
2009-03-13 17:08 . 2009-03-13 17:08 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_0­1007_Coinstaller_Critical.Wdf
2009-03-13 17:03 . 2009-03-12 18:41 -------- d-----w c:\program files\Nokia
2009-03-13 16:58 . 2009-03-12 18:43 -------- d-----w c:\program files\Fichiers communs\Nokia
2009-03-12 18:44 . 2009-03-12 18:42 -------- d-----w c:\program files\DIFX
2009-03-12 18:43 . 2009-03-12 18:43 -------- d-----w c:\program files\Fichiers communs\PCSuite
2009-03-12 18:42 . 2009-03-12 18:41 -------- d-----w c:\program files\PC Connectivity Solution
2009-03-09 03:19 . 2008-12-17 18:23 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-08 08:43 . 2006-11-09 18:31 -------- d-----w c:\program files\SokkerViewer
2009-03-08 08:20 . 2009-03-08 08:20 56 ---ha-w c:\windows\system32\ezsidmv.dat
2009-03-08 08:15 . 2009-03-08 08:15 -------- d-----w c:\program files\Fichiers communs\Skype
2009-03-08 08:15 . 2009-03-08 08:15 -------- d-----r c:\program files\Skype
2009-03-06 14:20 . 2004-01-17 09:49 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-06 10:13 . 2009-01-17 19:12 -------- d-----w c:\program files\HomePlayer
2009-03-03 00:13 . 2004-07-07 16:59 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-20 17:10 . 2004-08-19 23:09 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-14 12:40 . 2008-10-28 13:16 1026 ----a-w c:\windows\system32\ealregsnapshot1.reg
2009-02-09 14:05 . 2004-01-17 09:49 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:23 . 2002-08-29 11:42 2025984 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 11:23 . 2002-08-29 11:42 2147328 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2004-01-17 09:49 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:53 . 2004-01-17 09:49 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2004-04-27 09:12 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:53 . 2004-01-17 09:49 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:53 . 2004-01-17 09:48 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-06 10:39 . 2004-01-17 09:49 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:58 . 2004-01-17 09:49 56832 ----a-w c:\windows\system32\secur32.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-27 1601304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Cmaudio"="cmicnfg.cpl" - c:\windows\CMICNFG.CPL [2003-12-11 2453504]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-27 07:08 10520 ----a-w c:\windows\system32\avgrsstx.dll

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ 'autocheck autochk *'

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Wireless Configuration Utility HW.32.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Wireless Configuration Utility HW.32.lnk
backup=c:\windows\pss\Wireless Configuration Utility HW.32.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Utilitaires\\Emule\\Emule\\emule.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Gaming Zone\\zclient.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Valve\\Steam\\Steam.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\toki127\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Utilitaires\\WinAmp 5.01\\Winamp 5.01 Pro\\Winamp\\winamp.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\toki127\\half-life 2 deathmatch\\hl2.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\svchost.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Freeplayer\\vlc\\vlc.exe"=
"c:\\Program Files\\utorrent\\utorrent.exe"=
"c:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\java.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\HomePlayer\\HomePlayer.exe"=
"c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 hidfltr;HID Filter Driver;c:\windows\system32\drivers\MWhid.sys [2004-11-03 13332]
R2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager; [x]
R3 Bacdri2sn;Bacdri2sn; [x]
R3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys [2004-12-29 167424]
S0 VOBID;VOBID;c:\windows\System32\DRIVERS\vobid.sys [2003-08-01 29239]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-01-27 325128]
S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-01-27 107272]
S1 vobcom;vobcom; [x]
S1 vobiw;vobiw; [x]
S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-27 903960]
S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-27 298264]
S2 litsgt;litsgt;c:\windows\system32\DRIVERS\litsgt.sys [2005-09-01 137344]
S2 tansgt;tansgt;c:\windows\system32\DRIVERS\tansgt.sys [2005-09-01 12032]
S3 cdrdrv;cdrdrv;c:\windows\system32\Drivers\Cdrdrv.sys [2004-02-03 62976]


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2009-03-13 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe [2005-09-01 05:27]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Télécharger avec &BitSpirit
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes
DPF: fdjeux - hxxps://www.fdjeux.net/classes/fdjeux.cab
DPF: Interface Chat Wanadoo - hxxp://chat10.x-echo.com/version6/Applet/wchatsign.cab
DPF: Microsoft XML Parser for Java
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game18.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - hxxp://f006.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} - hxxp://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
FF - ProfilePath - c:\documents and settings\Marie\Application Data\Mozilla\Firefox\Profiles\yilwlg9b.Dijon\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll

---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-29 20:24
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-4227570477-946958389-1760926299-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-4227570477-946958389-1760926299-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:72,07,72,1c,79,5f,6c,37,40,d1,58,6b,09,91,f9,9c,c4,09,a9,81,eb,03,6f,
06,a5,23,71,52,3a,8e,e0,d2,94,5c,4a,bc,65,f1,32,5a,2d,fa,a8,2a,e9,3e,b9,0a,\
"??"=hex:e7,bf,49,2a,ff,46,8a,1e,33,b6,5c,8a,94,ea,fa,42

[HKEY_USERS\S-1-5-21-4227570477-946958389-1760926299-1006\Software\SecuROM\License information*]
"datasecu"=hex:72,5e,ac,a2,ca,ab,bf,35,bb,1c,80,d0,59,72,f6,a5,cb,82,3e,ef,9d,
f7,48,84,67,6a,7f,24,f4,d2,42,4e,fc,1c,bf,33,c2,2b,04,0f,3e,f5,ef,ac,20,05,\
"rkeysecu"=hex:eb,13,c8,93,1f,9e,ea,1c,f6,04,3c,dd,ca,82,10,b2
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(812)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3900)
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\program files\ArcSoft\PhotoImpression 5\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\Office10\msohev.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\drivers\CDAC11BA.EXE
c:\windows\system32\Crypserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\progra~1\MICROS~4\rapimgr.exe
.
**************************************************************************
.
Heure de fin: 2009-04-29 20:32 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-04-29 18:32

Avant-CF: 58 285 084 672 octets libres
Après-CF: 58 971 541 504 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn

269 --- E O F --- 2009-04-15 01:11

ca veut dire qu'il y a encore des infections?
quelle est la suite du programme?
merci beaucoup de ton aide!

   
Répondre à toki127

19

geoffrey5, le 29 avr 2009 à 23:49:53

Ok maintenant refais un nouveau RSIT et postes les 2 rapports qui seront générés stp Si vous voyez une amélioration sur votre PC, ce n'est pas po­ur autant que la désinfection est terminée... Continuez jusq­u'au bout !!

   
Répondre à geoffrey5
23 réponses 12 Suivant
Posez votre question Répondre
Ils ont besoin de votre aide